From: Chris Duncan <chris@zoso.dev>
Date: Wed, 23 Jul 2025 05:08:35 +0000 (-0700)
Subject: Set seed to null when locking and destroying. Import salt as entropy when fetching... 
X-Git-Tag: v0.10.5~55^2~31
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=e78a7eb08712643ad72f1aade93848ac8f6acccd;p=libnemo.git

Set seed to null when locking and destroying. Import salt as entropy when fetching from safe.
---

diff --git a/src/lib/account.ts b/src/lib/account.ts
index 2cd9842..d16352f 100644
--- a/src/lib/account.ts
+++ b/src/lib/account.ts
@@ -72,8 +72,8 @@ export class Account {
 	async destroy (): Promise<void> {
 		await SafeWorker.assign({
 			method: 'destroy',
-			[this.publicKey]: this.publicKey,
-			store: 'Account'
+			store: 'Account',
+			[this.publicKey]: this.publicKey
 		})
 		this.#frontier = undefined
 		this.#balance = undefined
diff --git a/src/lib/wallets/wallet.ts b/src/lib/wallets/wallet.ts
index 98505c3..6acacb3 100644
--- a/src/lib/wallets/wallet.ts
+++ b/src/lib/wallets/wallet.ts
@@ -24,13 +24,13 @@ export abstract class Wallet {
 	#id: Entropy
 	#locked: boolean = true
 	#m: Bip39Mnemonic | null
-	#s: Uint8Array<ArrayBuffer>
+	#s: Uint8Array<ArrayBuffer> | null
 
 	get id () { return `libnemo_${this.#id.hex}` }
 	get isLocked () { return this.#locked }
 	get isUnlocked () { return !this.#locked }
 	get mnemonic () { return this.#m instanceof Bip39Mnemonic ? this.#m.phrase : null }
-	get seed () { return 0 === +(bytes.toHex(this.#s)) ? null : bytes.toHex(this.#s) }
+	get seed () { return this.#s == null ? this.#s : bytes.toHex(this.#s) }
 
 	constructor (id: Entropy, seed?: Uint8Array<ArrayBuffer>, mnemonic?: Bip39Mnemonic) {
 		if (this.constructor === Wallet) {
@@ -39,7 +39,7 @@ export abstract class Wallet {
 		this.#accounts = new AccountList()
 		this.#id = id
 		this.#m = mnemonic ?? null
-		this.#s = seed ?? new Uint8Array(0)
+		this.#s = seed ?? null
 	}
 
 	/**
@@ -144,6 +144,7 @@ export abstract class Wallet {
 		}
 		this.#m = null
 		bytes.erase(this.#s)
+		this.#s = null
 		await SafeWorker.assign({
 			store: 'Wallet',
 			method: 'destroy',
@@ -187,6 +188,7 @@ export abstract class Wallet {
 			bytes.erase(password)
 		}
 		bytes.erase(this.#s)
+		this.#s = null
 		this.#m = null
 		this.#locked = true
 		return true
diff --git a/src/lib/workers/safe.ts b/src/lib/workers/safe.ts
index 2cc38b9..f3ef9c1 100644
--- a/src/lib/workers/safe.ts
+++ b/src/lib/workers/safe.ts
@@ -136,10 +136,10 @@ export class Safe extends WorkerInterface {
 			}
 			const decryptionKeys: { [salt: string]: CryptoKey } = {}
 			for (const record of records) {
-				const salt = bytes.toHex(new Uint8Array(record.salt))
-				decryptionKeys[salt] ??= await this.#createAesKey('decrypt', password, record.salt)
+				const salt = await Entropy.import(record.salt)
+				decryptionKeys[salt.hex] ??= await this.#createAesKey('decrypt', password, salt.buffer)
 				const iv = await Entropy.import(record.iv)
-				const decrypted = await globalThis.crypto.subtle.decrypt({ name: 'AES-GCM', iv: iv.buffer }, decryptionKeys[salt], record.encrypted)
+				const decrypted = await globalThis.crypto.subtle.decrypt({ name: 'AES-GCM', iv: iv.buffer }, decryptionKeys[salt.hex], record.encrypted)
 				results[record.label] = decrypted
 			}
 			return results